function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
radhika_paceradhika_pace 

Using Visualforce pages to limit access to contacts

Hi,

 

I need to limit access to certain contacts for only a few user accounts.

 

I am using Salesforce Professional and have been told it is possible to do this via Visualforce pages.

 

Would anyone kindly be able to explain the simplest possible way about this and how I should go about creating a VF page?

Thank you very much.

Radhika

Ispita_NavatarIspita_Navatar

                                   

Hi,

           If you want to limit the contacts for an accounts then you can use the limit keyword in your SOQL query.

            Please refer to the following snippet for clarity:-

 

            Contact[] con = [select id, name from contact where AccountId in : accid limit 20];

 

Did this answer your question? If not, let me know what didn't work, or if so, please mark it solved. 
raghu123raghu123

HI,

 

You have to use Sharing Rules to limit data access. 

 

Read these Articles.

http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_bulk_sharing_understanding.htm

 

https://na3.salesforce.com/help/doc/en/security_about_sharing_rules.htm

 

Hope This Helps You,

Ragpal.
Starz26Starz26

As raghu123 stated:

 

1. You will have to set Accounts to "Private" in the Orginization Wide Defaults

2. Set up sharing roles based on roles / groups to grant access to those you want to see accounts and contacts

3. Thus defaulting to not allowing access to the remaining roels / groups..

 

By setting the access to read/ read write you will be giving that access to everyone as a base level of access and you will not be able restrict access to specific records to specific roles / groups.

 

**CAUTION: Do not change the OWD without a clear understanding of what it will do to your existing data / sharing model.**

 

Now, with that out of they way, using your current model you could:

 

1. If you know the specific record ID's

2. In the VF Page controller check the user ID or the current user

3. In the query to get the data, filter out the specific record ID's if the current user is on the 'blacklist'

 

The problem is this will be difficult to maintain, is not practical, and the user can always get access another way (search, through related accounts, links, tabs, etc.) The only way to be sure to accomplish your goal is to rework your sharing model.